Bamboo via Apache with SSL

I can't reply to this old forum discussing this topic:

This is less of a question and more of a contribution to the community of how I did it.

My web server is Apache and I only wanted to provide access to three services (Bamboo, Fisheye, and Jira) all through the same secure port, using different web contexts

  • myserver:443/bamboo
  • myserver:443/jira
  • myserver:443/fisheye

Jira and fisheye were relatively easy to set up because they use the tomcat container. Using mod proxy apache can communicate with these services over plain HTTP, and proxy port / proxy host settings take care of the rest.

Bamboo I had much trouble with. The old forum thread seemed overly complex. And one of the solutions wouldn't work for me because I do not expose Bamboo on a non-secure port.

In the end what solved it was to reconfigure Bamboo so that it loaded from the jetty.xml file. Then I reconfigured the server to publish on an SSL connector. Then I used Apache's SSL proxy to communicate with Bamboo over SSL behind the scenes as well. This works because then Bamboo is expecting to work with the https scheme and redirects or generated links don't keep switching back to http://.

1 answer

The jetty.xml I am using is below. I am using a self-signed certificate created with keytool. I am not certain if it is necessary to serve bamboo on the unsecured port (8085) but it serves on ssl over 8086. Neither of these ports is accessible externally via my firewall. Apache connects to the service on the 8086 port.

<?xml version="1.0"?>
<!DOCTYPE Configure PUBLIC "-//Jetty//Configure//EN" "">
<Configure id="Server" class="org.eclipse.jetty.server.Server">
    <Call name="addConnector">  
            <New class="org.eclipse.jetty.server.nio.SelectChannelConnector">  
                <Set name="host"><Property name="" /></Set>  
                <Set name="port"><Property name="jetty.port" default="8085"/></Set>  
                <Set name="confidentialPort"><SystemProperty name="jetty.ssl.port" default="8086"/></Set>
                <Set name="IntegralPort">8086</Set>
    <Call name="addConnector">
            <New class="org.eclipse.jetty.server.ssl.SslSelectChannelConnector">
                <Set name="host"><Property name="" /></Set>
                <Set name="port"><Property name="jetty.port" default="8086"/></Set>
                <Set name="Keystore"><SystemProperty name="jetty.home" default="."/>/keystore</Set>
                <Set name="Password">password</Set>
                <Set name="KeyPassword">password</Set>
    <Call name="setHandler">
            <New class="org.eclipse.jetty.webapp.WebAppContext">
                <Arg name="webApp">
                    <SystemProperty name="bamboo.webapp" default="../webapp"/>
                <Arg name="contextPath">/bamboo</Arg>
                <Set name="defaultsDescriptor">webdefault.xml</Set>
                <Get name="sessionHandler">
                    <Set name="sessionManager">
                        <New class="org.eclipse.jetty.server.session.HashSessionManager">
                            <Set name="httpOnly">true</Set>        <!-- use M$ http only cookies? -->

Doesn't work for me

Suggest an answer

Log in or Join to answer
Community showcase
Jason Wong
Published yesterday in Agility Beta

Welcome to agility

Every team in the world is unique, and so   Atlassian believes   that each and every team's best way of working  needs to  be molded to their unique circumstances  – ...

389 views 6 16
Read article

Atlassian User Groups

Connect with like-minded Atlassian users at free events near you!

Find a group

Connect with like-minded Atlassian users at free events near you!

Find my local user group

Unfortunately there are no AUG chapters near you at the moment.

Start an AUG

You're one step closer to meeting fellow Atlassian users at your local meet up. Learn more about AUGs

Groups near you
Atlassian Team Tour

Join us on the Team Tour

We're bringing product updates and pro tips on teamwork to ten cities around the world.

Save your spot